Risk and Compliance Management
Managing Corporate Risks
Risk and compliance management is an integral part of corporate management at WACKER. As a globally active company, WACKER is exposed to numerous risks directly attributable to our operational activities. Starting from an acceptable level of overall risk, the Executive Board decides which risks we should take to utilize opportunities available to the company. The goal of risk management at WACKER is to identify risks as early as possible, evaluate them adequately, and take appropriate steps to reduce them. We define risks as internal and external events that may have a negative effect on the attainment of our targets and forecasts.
As a specialty-chemical company, we have a particular responsibility to ensure plant safety and to protect health and the environment. All our production sites have coordinators who manage plant and workplace safety, alongside health and environmental protection. Our risk management complies with legal requirements and is a component in all our decisions and business processes. The Executive and Supervisory Boards are regularly informed about the current risk status in the Group and at each business division.
WACKER follows the “Three Lines of Defense” model to effectively manage corporate risks and ensure compliance with legal provisions and the ethical principles of corporate management.
- The first line of defense is centered on operational management, which involves coordinating, monitoring and managing the risks that arise. It also includes the establishment of functioning internal control systems within the individual operational units.
- The second line of defense is formed by risk and compliance management. Risk management systematically tracks the main risks associated with the operational units and provides the Executive Board with corresponding reports. Compliance management ensures that the ethical principles of corporate management are observed. It identifies the relevant legal requirements and amendments, forwards them to all affected corporate units and holds courses on compliance for employees.
- The third line of defense is provided by the internal auditing department, which acts as an independent monitoring body for the Executive Board. This department conducts audits at regular intervals to review the risk management in place at the various corporate units and to check whether the internal control systems run by the operational units are effective. Auditing also liaises with Compliance Management, for example if anti-corruption investigations are held or related measures are taken.
“Three Lines of Defense” Model
Compliance Management
WACKER’s ethical principles of corporate management exceed legal requirements. They are summarized in our Code of Conduct. All WACKER employees are required to follow this code. The compliance management department is responsible for ensuring that these principles and all related legal provisions are observed throughout the company. Training courses on compliance raise employees’ awareness of the relevant risks and convey binding rules of behavior for daily work routines. These aspects are covered by WACKER’s compliance regulation. Employees are instructed to inform their supervisors, the compliance officers, the employee council or their designated HR contacts of any violations they notice. WACKER Greater China has a compliance hotline that enables employees and business partners to report any breaches anonymously. Furthermore, every year, employees in the region must sign a declaration regarding proper conduct.
The Group’s compliance officers are responsible for implementing the compliance rules and regulations, and are on hand to advise employees on all matters relating to compliance. The WACKER Group has 23 compliance officers around the world: in Germany, the USA, China, Taiwan, Japan, India, South Korea, Brazil, Mexico, Singapore, Russia, Norway and the United Arab Emirates. Compliance issues arising in countries not listed here are handled in Germany by the chief compliance officer. The chief compliance officer reports to WACKER’s president & CEO.
Prevention is a key aspect of the work of compliance officers. They train, inform and advise employees and management on, for example, anti-corruption strategies and measures. In 2016, all the compliance officers met to discuss how to harmonize WACKER’s global approach to combating legal infringements. The prevention of cybercrime was a further point of focus, as it had been in 2015. For example, a dedicated campaign was launched to raise employee awareness of the risks of cybercrime. In 2015 and 2016, no major infringements of compliance were identified, where the effect on earnings would exceed €5 million.
WACKER’s compliance programs are designed to prevent misconduct, minimize the repercussions of misconduct, and – in accordance with the UN’s Global Compact – identify any cases of corruption or other legal infringements. To promote compliance, we use such organizational methods as the separation of responsibility and our dual-control policy. Separation of responsibility makes it impossible for any one employee to single-handedly carry out transactions involving payments. The purchasing unit is thus quite distinct from the ordering unit. Dual control ensures that every critical transaction is checked by a second person.
Data Protection
The way in which we gather and process personal data relating to all employees and external parties with whom we are in contact complies with data protection regulations with the sole aim of meeting the intended purposes.
Internal Auditing
On behalf of the Executive Board, Corporate Auditing mainly performs regular, process-specific reviews of all relevant functions and corporate units, placing its focus on internal control systems. Audit topics are selected using a risk-driven approach. This takes account of risk management reporting, as well as the reports and information provided by the corporate departments, business divisions and larger joint ventures/associates. The Executive Board supplements and approves the auditing schedule, which is discussed by the Audit Committee as well. If necessary, the schedule is flexibly adjusted during the year to take account of changes in underlying conditions. Processes and areas that constitute a high risk in terms of corruption or legal non-compliance are scrutinized more frequently by the auditors. Criteria for the risk assessment include:
- Country classified as having a high risk of corruption
- High possible risk of damage (financial or reputation-related)
- Compliance issue (suspected cases)
- Previous audit revealed substantial need for action, and
- Legal obligation to have regular audits
For capital-intensive engineering activities (e.g. project engineering and maintenance), we employ specially qualified industrial personnel as auditors.
In the period under review, auditing focused on:
- Settlement of investment measures
- Adherence to environmental legislation in the USA, and
- Sales commissions and discounting, including how they are treated in accounting
Whenever cross-functional business-process audits were conducted at subsidiaries, the checks included aspects of plant safety, such as whether safety training or technical inspections were held. During the reporting period, no major complaints about the proper functioning of the control systems came to light as regards the previously mentioned reporting threshold, where the effect on earnings would exceed €5 million.
Any process-optimization measures derived from the audits are implemented and systematically monitored by the auditing department. It provides the Executive Board and Audit Committee with regular reports on the results and implementation status of the various measures.
Employees involved in import and export processes must complete online training on export control every two years. Individuals working in particularly sensitive jobs, such as managing directors of regional subsidiaries and export control representatives, must complete a refresher course every year. Export control is based on national and international laws and aims to prevent the spread of weapons of mass destruction, combat international terrorism and uphold human rights. In this regard, it is important to inspect not only the item to be exported, but also the country of destination, the customer and the end use of the products.
WACKER’s corporate culture is characterized by mutual respect and trust. However, inappropriate behavior on the part of individual employees can never be eliminated. In these cases, we rely on our internal risk assessments.
According to Transparency International’s Corruption Perceptions Index (CPI), WACKER is predominantly active in countries that have a low or very low risk of corruption.
|
|
|
|
|||||||||
|
2016 |
2015 |
2014 |
|||||||||
|
|
|
||||||||||
|
||||||||||||
|
|
|
||||||||||
Level of key fines1 and number of non-monetary penalties for non-compliance with requirements of environmental legislation |
‒ |
‒ |
– |
|||||||||
Number of organizational units subjected to corruption audit |
31 |
29 |
29 |
|||||||||
Legal entities subjected to corruption audit (%) |
22 |
23 |
20 |
|||||||||
Employees2 trained in corruption prevention (%) |
50 |
50 |
50 |
|||||||||
Measures3 taken in response to violation of laws, codes and standards |
|
|
|
|||||||||
Written warnings |
9 |
11 |
18 |
|||||||||
Termination of employment contract |
5 |
4 |
8 |
|||||||||
Number of complaints about anticompetitive behavior, violation of antitrust or monopolies legislation |
‒ |
‒ |
‒ |
|||||||||
Level of key fines1 and number of non-monetary penalties for breaches of legal requirements |
‒ |
‒ |
‒ |
|||||||||
Level of key fines1 for breaches of legal requirements relating to the supply and use of products and services |
‒ |
‒ |
‒ |
|||||||||
|
|
|
Sales Shares as a Function of Corruption Risk as per Transparency International1
1 Transparency International’s Corruption Perceptions Index (CPI) ranks countries according to the level of corruption perceived in the public sector. The categories in this graph were compiled independently.